package uk.ac.sanger.das.dasregistry.springrest.security;

import java.util.HashMap;
import java.util.Map;

import org.springframework.dao.DataAccessException;
import org.springframework.jdbc.core.namedparam.NamedParameterJdbcDaoSupport;

public class AuthenticationDAO extends NamedParameterJdbcDaoSupport{

	public String addUserWithPass(String username, String displayName, String encryptedPassword, int role, int alertMe) {
		String errorMessage="";
		System.out.println("adding user to db user="+username+" encryptedPass="+encryptedPassword);
		//insert into user (email, user_pass) values ('joebloggs@hotmail.com','blah2');
		String sql="insert into user (open_id,email, user_pass) values (:open_id,:email,:user_pass)";
		Map<String,String> paramMap=new HashMap<String,String>();
		paramMap.put("open_id", displayName);
		paramMap.put("email", username);
		paramMap.put("user_pass",encryptedPassword);
		int rowsInserted=0;
		try {
			rowsInserted = getNamedParameterJdbcTemplate().update(sql, paramMap);
		} catch (DataAccessException e) {
			//  Auto-generated catch block
			return e.getMessage();
			
		}
	
		return errorMessage;
	}

	/**
	 * 
	 * @param email
	 * @return
	 */
	public String deleteUser(String email) {
		
		
		String sql = "delete from user where email = :email";
		
			Map paramMap=new HashMap();
			paramMap.put("email", email);
		try {
			int result=getNamedParameterJdbcTemplate().update(sql, paramMap);
		} catch (DataAccessException e1) {
			//  Auto-generated catch block
			e1.printStackTrace();
		}
		
		//remove owner from das sources
		String removeFromRegSql= "delete from registry2user where email ="+email;
		try {
			getJdbcTemplate().update(removeFromRegSql);
		} catch (DataAccessException e) {
			//  Auto-generated catch block
			return e.getMessage();
		}
		//System.out.println("lines affected="+linesAffected);
		return "";
	}

	/**
	 * username/email 
	 * @param username
	 * @return ecryptedPass
	 */
	public String getEncryptedPass(String username) {
		String sql="select user_pass from user where email=:email";
		Map<String,String> paramMap=new HashMap<String,String>();
		paramMap.put("email", username);
		Map map=null;
		try {
			map = getNamedParameterJdbcTemplate().queryForMap(sql, paramMap);
		} catch (DataAccessException e) {
			//  Auto-generated catch block
			e.printStackTrace();
		}
		if(map==null){
			return "";
		}
		String encryptedPass=(String)map.get("user_pass");
		System.out.println("user_pass in database="+encryptedPass);
		return encryptedPass;
	}

	public boolean userExists(String email) {
		String sql="select count(*) email  from user where email=:email";
		Map paramMap=new HashMap();
		paramMap.put("email", email);
		int count=getNamedParameterJdbcTemplate().queryForInt(sql, paramMap);
		if(count==1){//should be at only 1 user with this email
			return true;
		}
		return false;
	}

	public String updatePass(String email, String encryptedPassword) {
		String errorMessage="";
		System.out.println("updating user to db user="+email+" encryptedPass="+encryptedPassword);
		//insert into user (email, user_pass) values ('joebloggs@hotmail.com','blah2');
		String sql="update user set user_pass=:pass where email=:email";
		Map<String,String> paramMap=new HashMap<String,String>();
		paramMap.put("email", email);
		paramMap.put("pass", encryptedPassword);
		int rowsInserted=0;
		try {
			rowsInserted = getNamedParameterJdbcTemplate().update(sql, paramMap);
			System.out.println("rows inserted="+rowsInserted);
		} catch (DataAccessException e) {
			System.out.println(e.getMessage());
			return e.getMessage();
			
		}
	
		return errorMessage;
	}

	
	
	
}
